VMware ESXi 41 Operations Guide TWP

8/3/2019 VMware ESXi 41 Operations Guide TWP

http://slidepdf.com/reader/full/vmware-esxi-41-operations-guide-twp 1/22

VMware®

ESXi™

4.1Operations GuideT E C H N I C A L W H I T E P A P E R



T E C H N I C A L W H I T E P A P E R / 2

VMware® ESXi™ 4.1 Operations Guide

IntroductionThehypervisorarchitectureoVMware®vSphere™(“vSphere”)playsacriticalroleinthemanagemento

thevirtualinrastructureTheintroductionothebare-metalVMwareESX®architectureinsignicantlyenhancedperormanceandreliabilitywhichinturnenabledcustomerstoextendthebenetsovirtualizationto

theirmission-criticalapplicationsTheintroductionotheVMwareESXi™architecturerepresentsasimilarleap

orwardinreliabilityandvirtualizationmanagementLessthanpercentaslargeasVMwareESXVMwareESXi

runsindependentlyoanoperatingsystem(OS)andimproveshypervisormanagementintheareasosecurity

deploymentandcongurationandongoingadministrationYetnoneothiscomesatthecostounctionality

AllotheeaturesoeredbyVMwarevSpheresuchasVMwarevMotion™(vMotion)VMwareStorage

vMotion(StoragevMotion)VMwareHighAvailability(VMwareHA)VMwareFaultTolerance(VMwareFT)and

VMwareDistributedResourceScheduler(VMwareDRS)areullysupportedontheVMwareESXiarchitecture

ThispaperdescribesthearchitectureoVMwareESXiandthenexplainshowvariousmanagementtasksare

perormedinitThisinormationcanbeusedtohelpplanamigrationtotheVMwareESXiarchitectureromthe

legacyVMwareESXrameworkandtoimproveorenhanceday-to-dayoperations

ArchitectureIntheoriginalVMwareESXarchitecturethevirtualizationkernel(VMkernel)isaugmentedbyamanagement

partitionknownastheconsoleoperatingsystem(COS)orserviceconsoleTheprimarypurposeotheCOSisto

provideamanagementinteracewiththehostVariousVMwaremanagementagentsaredeployedintheCOS

alongwithotherinrastructureserviceagents(orexamplenameservicetimeserviceloggingandsoon)In

thisarchitecturemanycustomersdeployotheragentsromthirdpartiestoprovideaparticularunctionality

suchashardwaremonitoringandsystemmanagementFurthermoreindividualadministrativeusersloginto

theCOStoruncongurationanddiagnosticcommandsandscripts

Hardware

Monitoring

Agents

System

Management

Agents

VMware

Management

Agents

CLI Commands

for Configuration

and Support

Infrastructure

Agents

(NTP, Syslog)

Service console

VMkernel

Virtual Machine

Support and Resource

Management

VM VM VM

Figure 1. Architecture o VMware ESX





IntheVMwareESXiarchitecturetheCOShasbeenremovedandallotheVMwareagentsrundirectlyon

theVMkernelInrastructureservicesareprovidednativelythroughmodulesincludedintheVMkernelOther

authorizedthird-partymodulessuchashardwaredriversandhardwaremonitoringcomponentscanruninthe

VMkernelaswellOnlymodulesthathavebeendigitallysignedbyVMwareareallowedonthesystemcreatinga

tightlylocked–downarchitecturePreventingarbitrarycoderomrunningontheVMwareESXihostgreatly

improvesthesecurityandstabilityothesystem

VMkernel Local Support Consoles

CLI Commands for

Configuration

and Support

Agentless

Systems

Management

VMware

Management

Framework

Infrastructure

Agents

(NTP, Syslog)

Virtual MachineSupport and

ResourceManagement

Common

Information

Model

Agentless

Hardware

MonitoringVM VM VM

Figure 2. Architecture o VMware ESXi

ManagementThemanagementunctionalitythatwasprovidedbyagentsintheVMwareESXarchitectureisnowexposed

viaAPIsintheVMwareESXiarchitectureThisallowsoran“agentless”approachtohardwaremonitoringand

systemmanagementVMwarealsocreatedremotecommandlinessuchastheVMwarevSphereCommand-

LineInterace(vCLI)andVMwarevSpherePowerCLI(PowerCLI)toprovidecommandandscripting

capabilitiesinamorecontrolledmannerTheseremotecommand-linesetsincludeavarietyocommandsor

congurationdiagnosticsandtroubleshootingForlow-leveldiagnosticsandtheinitialcongurationmenu-

drivenandcommand-lineinteracesareavailableonthelocalconsoleotheserverTheollowingsections

discussindividualmanagementtopicsanddescribehowtasksareperormedintheVMwareESXiarchitecture





Service Console (COS)

Management Agents Agentless vAPI-Based

Agentless CIM-Based

vCLI, PowerCLI

Local Support Console

CIM API vSphere API

Native Agents:hostd, vpxa, NTP,Syslog, SNMP, etc.

Hardware Agents

Commands forConfiguration and

Diagnostics

InfrastructureService Agents

“Classic” VMware ESX VMware ESXi

Figure 3. New and Improved Paradigm or VMware ESX Management

Automation

ToautomatethemanagementoaVMwareESXideploymentVMwarehascreatedeasy-to-usescriptingtools

UserscanwritescriptswiththesameunctionalityasthevSphereclienttoautomatemanualtasksenabling

ecientmanagementandcongurationosmall-tolarge-scaleenvironmentsThesetoolsworkwellwithboth

VMwareESXiandVMwareESXhostsempoweringuserstoadministermixedenvironmentseasily

PowerCLIisarobustcommand-linetoolorautomatingallaspectsovSpheremanagementincludinghost

networkstoragevirtualmachineguestOSandmorePowerCLIisdistributedasaWindowsPowerShell

snap-inItincludesmorethanPowerShellcmdletsalongwithdocumentationandsamplesPowerCLI

seamlesslyblendsthevSphereplatormwithWindowsandNETwhichmeansyoucanusePowerCLIbyitselor

withinmanydierentthird-partytools

vCLIisasetomorethancommand-lineutilitiesthathelpusersprovisionconguretroubleshootand

maintainVMwareESXandVMwareESXihostsWherePowerCLIisbettersuitedorlarge-scaleautomation

vCLIisaimedatuserswhoeelmorecomortablewiththelegacyCOScommandsTherearecommands

thatcancompletelyautomatetheinitialcongurationoaVMwareESXihostandothersthatprovide

troubleshootinganddiagnosticcapabilitiesVMwareprovidesvCLIpackagesorinstallationonbothWindows

andLinuxsystemsandisavailableprepackagedaspartotheVMwarevSphereManagementAssistant

(vSphereManagementAssistant)





vCLIhasnumerouscommandsortroubleshootingincluding

•vmkstools

•vmware-cmd

•resxtop

InvSphereimportantenhancementsmakethevCLImorepowerul

•Perormshostoperationssuchasrebootingandenteringorexitingmaintenancemodeusingthe

“vicg-hostops”command

•ConguresMicrosotActiveDirectoryusingthe“vicg-authcong”command

•ConguresIPsecwith“vicg-ipsec”

•Forciblyterminatesavirtualmachineevenwhenitisnotrespondingtonormalshutdowncommandsusing

the“esxclivms”command

•ConguresstoragetoagreaterextentincludingvarioussotwareiSCSIparametersandstorageplug-ins

usingaseriesonewoptionstothe“esxcli”command

•Employsadditionaldiagnosticcapabilitiesornetworkingandstorageincluding

– The“esxclinetwork”commandwhichlistsactiveconnectionsoractiveARPtableentries

–Newoptionsor“resxtop”whichshowNFSstatistics

BothPowerCLIandvCLIarebuiltonthesameinteracesasthevSphereclientTheycanbepointeddirectlyata

VMwareESXihostoratVMwarevCenter™Whenpointedatahosttheycanexecutecommandsdirectlyona

VMwareESXihostsimilarlytohowacommandintheCOSoVMwareESXoperatesononlythathostLocal

authenticationisrequiredinthiscaseAlternativelywhencommunicatingthroughVMwarevCenterthevCLI

andPowerCLIcommandsbenetromthesameauthentication(orexampleActiveDirectory)rolesand

privilegesandeventloggingasvSphereclientinteractionsThisprovidesoramuchmoresecureandauditable

managementramework

TheVMwarevSphereManagementAssistantisavirtualappliancethatpackagesthevCLItheVMware

vSphereSDKorPerlaswellasaloggingmodule(called“vi-logger”)andauthenticationmodulesor

unattendedscriptexecution(called“vi-astpass”)intooneconvenientbundle

Theollowingtablecontainsdierentcategoriesooperationalproceduresandthepreerredtooloreach

categoryWehaveratedeachtoolpertasktoclassiytheleveloexpertiserequired

TASK vCLI/vMA POWERCLI

Reporting Normal Easy

Monitoring Hard Normal

Conguration Easy Easy

Automation Normal Easy

Troubleshooting Easy Hard

Table 1. Ease o Operational Tasks

Althougheachothetoolscanbeusedtoaccomplishagiventasktheprecedingtablecanbeusedasan

indicationowhichtoolswouldbestmeetyourrequirements





Deployment

VariousdeploymentmethodsaresupportedorVMwareESXisuchasbootingtheinstallerooaDVDorover

PXEanddeployingtheVMwareESXiimageontoalocaldiskoverthenetworkusingavarietyoprotocols

includingsecureHTTPVMwareESXienablesuserstodoascriptedinstallationotheVMwareESXisotwareontothelocaldiskoaserveranalogoustothekick-startmechanismusedorVMwareESXarchitectureThe

scriptedinstallationcongurationle(typicallynamed“kscg”)canalsospeciytheollowingscriptstobe

executedduringtheinstallation

•Preinstall

•Postinstall

•First-boot

ThesescriptsarerunlocallyontheVMwareESXihostandcanperormvarioustaskssuchasconguringthe

host’svirtualnetworkingandjoiningittoVMwarevCenterServerThesescriptscanbewrittenineithertheTech

SupportModeshellorPython

SupportorbootromSANhasbeenaddedtoVMwareESXiThissupportincludesFibreChannelSANas

wellasiSCSIandFCoEorcertainstorageadaptersthathavebeenqualiedorthiscapability

VMwareESXiisstillavailablepreinstalledonFlashdrivesoncertainservermodelsavailableromanumbero

hardwareOEMvendors(ConsulttheserverHCLtodeterminewhichcombinationsoserverandUSBorFlash

drivearesupported)

AsstatedwithvSphereVMwarehasaddedscriptedinstallationcapabilitiestoVMwareESXiAbasicscripted

CD-ROM–basedinstallentailstheollowingprocedure

1. Boot rom the VMware ESXi CD-ROM

2. Press “Tab” when the “VMware VMvisor Boot Menu” is displayed

3. Edit the string so that it includes the location o your script:

> mboot.c32 vmkboot.gz ks=http://<ip-address>/ks.cfg --- vmkernel.gz --- sys.vgz ---

cim.vgz --- ienviron.vgz --- install.vgz

Whenincludingthelocationoyourscriptensuretoappenditater“vmkbootgz”andbeore“---vmkernelgz”

orthescripttounctioncorrectlyTheip-addressshouldbereplacedwiththeip-addressotheWebserver

hostingthecongurationleThekscgcongurationlecanalsobelocatedonothertypesomediasuchas

CD-ROMoranFTPserverFormoredetailsreertothe VMware vSphere 4.1 ESXi Installable and vCenter Server

Setup Guide.

ItisalsopossibletoPXEboottheVMwareESXiinstallerThishoweverrequiresaTFTPserverthatsupportsPXE

bootgPXEandamodicationtoyourDHCPservertoallowtheDHCPservertosendthehostthecorrectTFTP

andPXEinormationFormoredetailsreertotheVMware vSphere 4.1 ESXi Installable and vCenter Server Setup

Guidewherethisprocedureisullydocumented

WhetherusingaPXEmechanismtoacilitatetheinstallationoraCD-ROMaso-calledanswerscriptisrequired

ThescriptollowsastandardizedormattosupplytheinstallerwiththecorrectparametersTheollowingexampleincludesapostinstallationactionandactionsontherstboottodemonstratetheendlesscapabilities

theVMwareESXiinstalleroersThesewillbeexplainedindetailasollows

# Accept the VMware End User License Agreement

vmaccepteula

# Set the root password for the DCUI and Tech Support Mode

rootpw mypassword





# Choose the rst discovered disk to install onto

autopart --rstdisk --overwritevmfs

# The installation media is in the CD-ROM drive

install cdrom

# Set the network to DHCP on the rst network adapater

network --bootproto=dhcp --device=vmnic0

# A sample post-install script

%post --unsupported --interpreter=busybox --ignorefailure=true

# Download drivers required to access the network after a reboot

wget http://192.168.1.1/drivers.zip-O/vmfs/volumes/datastore1/drivers.zip

# A sample of the script that will run on rst boot

%rstboot –--unsupported –--interpreter=busybox

# Installation of the drivers for network access

esxupdate --bundle=/vmfs/volumes/datastore1/drivers.zip update

# Conguration of NTP Servers

echo restrict default kod nomodify notrap noquerynopeer > /etc/ntp.conf

echo restrict 127.0.0.1 >> /etc/ntp.conf

echo server 10.0.0.11 >> /etc/ntp.conf

echo server 10.0.0.12 >> /etc/ntp.conf

echo driftle /var/lib/ntp/drift >> /etc/ntp.conf

/sbin/chkcong --level 345 ntpd on

/etc/init.d/ntpd stop

/etc/init.d/ntpd start

# Rename the local datastore so that it includes the hostname

vim-cmd hostsvc/datastore/rename datastore1 $(hostname -s)-datastore01

# Add an extra nic to vSwitch0 (vmnic0 and vmnic2) and a VLAN ID

esxcfg-vswitch -L vmnic2 vSwitch0

esxcfg-vswitch -v 10 -p ‘Management Network’ vSwitch0

# Add vMotion Portgroup to vSwitch0

esxcfg-vswitch -A vMotion vSwitch0

# Assign an ip-adress to the vMotion VMkernel and a VLAN ID to the Portgroup

esxcfg-vswitch -v 20 -p vMotion vSwitch0

esxcfg-vmknic -a -i 192.168.2.41 -n 255.255.255.0 vMotion

# Wait to ensure everything has been created and refresh the network stack

sleep 5

vim-cmd hostsvc/net/refresh

# Enable vMotion on the newly created VMkernel vmk1

vim-cmd hostsvc/vmotion/vnic_set vmk1

http://192.168.1.1/drivers.zip-O/vmfs/volumes/datastore1/drivers.zip

http://192.168.1.1/drivers.zip-O/vmfs/volumes/datastore1/drivers.zip





# Add new vSwitch for VM trafc (vmnic1 and vmnic3)

esxcfg-vswitch -a vSwitch1

#Create a standard portgroup for VMs to vSwitch1 and set a VLAN ID

esxcfg-vswitch -A Production_VLAN5 vSwitch1

esxcfg-vswitch -v 30 -p Production_VLAN5 vSwitch1

# Add NICs to the new vSwitch



# Wait to ensure everything has been created and refresh the network stack

sleep 5

vim-cmd hostsvc/net/refresh

ThisexamplescriptshowshowtoautomatetheinstallationoaVMwareESXihostthatrequiresthedownloado

adriverpackagebeorethehostisrebootedbytheinstallationprocessandtheinstallationothisdriver

packageatertherstbootAlthoughthisscenarioisrareitshowstheexibilityyouhavewhendeveloping

thesescripts

Thetool“wget”andtheuseopersistentstorageonadatastoreenableyoutodownloaddriversadditional

scriptsandmuchmoreFurthermorewedisplayhowtoenableandcongureNTPandhowtocreateadditional

vSwitchesandportgroupsincludingVLANIDs

OcoursetherearemanymoremanualstepsthatcanbeautomatedthroughtheuseostandardCLI

commandssuchas(butnotlimitedto)esxcliesxcg-*andvim-cmd

Itisimportanttorecognizethedierencebetweenthe%postandthe%rstbootsectionThe%rstbootsection

isthesectionthatismostcommonlyusedorconguringtheVMwareESXihostItisexecutedduringtherst

bootatertheinstallerhascompletedTheollowingdiagramdepictstheprocessoascriptedinstallationwhere

boththe%postand%rstbootsectionareused

Boot installer

%post

%firstboot

Finish

Reboot

Install with parameters

from provided ks.cfg

Figure 4. Scripted Installation Process





InstallationDestination

Whenplanningtheimplementationo—ormigrationto—VMwareESXioneotherstdecisionsthatmustbe

madeconcernsthetypeoinstallationdestinationtobeusedTheormactoroVMwareESXienablesittobe

installedonmultipledierentinstallationdestinationtypeswhichincludetheollowing

•Localdisk(includingSSD)

•Removablemedia

– SB

– SD

•BootromSAN

– FC

– iSCSI

LocaldisksareapopularinstallationdestinationLocaldiskinstallationsprovidetwoadvantagesoverremovable

devicesresiliencyandtheleveloautomationResiliencyreerstotheabilitytoruntwolocaldisksinRAID-

AlthoughVMwareESXiisloadedintomemoryitmustwriteitscongurationonceeveryminutesonaverageInthecaseobootmediaailurethismightbeatriskpossiblyresultinginalossocongurationchangesLocal

diskinstallationsalsoenableyoutoimplementascriptedinstallationmechanismThismethodisalsosupported

orbootromSAN(iSCSIFC)butcurrentlynotsupportedorremovabledevicessuchasUSBandSDmedia

TheremustbeatleastGBodiskspaceavailableoralocaldiskinstallation

RemovabledevicessuchasUSBandSDhavealwaysbeenoneothetopVMwareESXiinstallationdestinations

duetotheexibilityandcostactorsassociatedwiththemThesedevicestypicallyhaveashorterliespanthan

harddisksandthereoreimposeaminorriskHardwarevendorshaveoundasolutionthatincreasesresiliency

byoeringa“dual-SDmodule”congurationAndmanycustomershavemitigatedtheriskbyusingenterprise-

gradeUSBSDmodulesandhavingoneormoreothemonhand

Fromanoperationalperspectivetheexibilityandresiliencyoermanybenetsalthoughthereisone

restrictionScriptedinstallationoVMwareESXionaremovabledeviceiscurrentlynotsupportedThiscanbe

mitigatedthroughtheuseohostprolesorbyautomatingthecongurationthroughPowerCLIRequirements

•VMwaresupportsremovabledevicesonlyundertheseconditions

– TheserveronwhichyouwanttoinstallVMwareESXixisinthe

VMware ESXi 4.x Hardware Compatibility Guide

and

–YouhavepurchasedaserverwithVMwareESXixembeddedontheserverromacertiedvendor

or

–YouhaveusedaUSBorSDFlashdevicethatisapprovedbytheservervendorortheparticularservermodel

onwhichyouwanttoinstallVMwareESXixonaUSBorSDFlashstoragedevice

AsovSpheresupportorbootromSAN—bothFCandiSCSI—hasbeenincludedBootromSANgivesyouresiliencyandenablesyoutoleveragetheexibilityoadisklessserverwhilestillprovidingyouwiththeoption

todoascriptedinstallation

Requirement

•SupportorbootromSANorstoragedeviceandadapters

http://www.vmware.com/go/hcl





T E C H N I C A L W H I T E P A P E R / 1 0


EachtypeoinstallationmediahasitsbenetsDependingontheenvironmentallmediashouldbeconsidered

Basedonrequirementsandconstraintsregardingbudgetlicensingandarraycapabilitiesadecisionmustbe

madeonaper-casebasisGenerallyspeakingusing“localdisks”isthemostcompellingoptionbecauseit

enablesyoutoullyautomateyourinstallationincomparisontoUSBSDanditisrelativelyinexpensivein

comparisontobootromSAN

HardwareMonitoring

TheCommonInormationModel(CIM)isanopenstandardthatdenesarameworkoragentlessstandards-

basedmonitoringohardwareresourcesorVMwareESXiThisrameworkconsistsoaCIMobjectmanager

otencalledaCIMbrokerandasetoCIMproviders

CIMprovidersarethemechanismsthatprovidemanagementaccesstodevicedriversandunderlyinghardware

Hardwarevendorsincludingservermanuacturersandspecichardwaredevicevendorscanwriteprovidersto

supplymonitoringandmanagementotheirparticulardevicesVMwarealsowritesprovidersthatimplement

monitoringoserverhardwareVMwareESXistorageinrastructureandvirtualization-specicresourcesThese

providersruninsidetheVMwareESXisystemandaredesignedtobeextremelylightweightandocusedon

specicmanagementtasksTheCIMbrokertakesinormationromallCIMprovidersandpresentsittothe

outsideworldviastandardAPIsthemostcommononebeingWS-MANAnysotwaretoolcompatiblewithone

otheseAPIssuchasHPSIMorDellOpenManagecanreadthisinormationmonitoringthehardwareothe

VMwareESXihost

OneconsumerotheCIMinormationisVMwarevCenterThroughadedicatedtabinthevSphereclientusers

canviewthehardwarestatusoanyVMwareESXihostintheirenvironmentprovidingasingleviewothe

physicalandvirtualhealthotheirsystemsUserscanalsosetVMwarevCenteralarmstobetriggeredoncertain

hardwareeventssuchastemperatureorpowerailureandwarningstates

Figure 5. Hardware Monitoring in VMware vCenter Server





VMwareESXialsoexposeshardwarestatusinormationviaSNMPorothermanagementtoolsthatrelyupon

thatstandardSNMPtrapsareavailableromboththeVMwareESXihostandVMwarevCenterVMwareESXi

currentlysupportsSNMPvanditcanbeconguredusingthevCLIcommand“vicg-snmp”

FirmwareUpgrades

UpgradingrmwareonanyplatormisacumbersometaskHistoricallycustomerswhohaveusedtheCOShave

upgradedthermwarewithtoolsprovidedbytherespectivevendorWithVMwareESXithatapproachwillno

longerworkduetotheabsenceotheCOSFirmwareupgradeswillhoweverstillperiodicallyneedtobeapplied

CurrentlyVMwareESXioersnonativeunctionalityTheollowingwork-aroundsexisttosolvethisproblem

1. Hardware vendor bootable upgrade CD-ROM/DVD

2. PXE boot o vendor’s upgrade CD-ROM/DVD

3. Hardware vendor VMware vCenter plug-in or management application

4. PXE boot o small Linux distribution

ManyvendorsoerabootableCD-ROMDVDthatcontainsalldriversandrmwarecoderequiredTheseare

typicallycategorizedperservermodelandcanbeusedtobootahostoandmanuallyupgradetheappropriate

devicesThissolutiontypicallyisusedinenvironmentsouptohostsForlargerenvironmentswehaveound

thatusingaPXEbootcongurationinconjunctionwiththevendor-providedupgradedCD-ROM/DVDcanbea

exiblealternativeTheoveralltransersizeothetotalpackagemightbeaconstraint

Severalhardwarevendorsprovidemanagementplug-insorVMwarevCenterServerthatenableyoutomanage

rmwareupgradesromwithinthevSphereClientTheseplug-insotenoerreportingcapabilitiesthatreduce

thechancesoinconsistencyacrossthevirtualinrastructureLargeenvironmentstypicallyuseacentralized

managementapplicationtomanagehardwareendtoendwhichalsoincludesthecapabilitiestoupgrade

rmware

Findingauniedsolutiontomanagermwareandpatchesinanenvironmentwheremultipletypesohardware

romdierentvendorsareusedcanbeachallengeCreatingacustomslimmed-downLinuxappliancethat

identiesthehardwarecongurationandupdatesthermwareaccordinglycansolvethisproblemSolutions

suchasthesetypicallyuseaPXEbootcongurationwithacentralrepositoryorthedierenttypesormware

orthisenvironmentThisdoesrequireextensiveknowledgeothevariouscomponentsandasubstantialeort

withregardtodevelopmentbutitultimatelyleadstoahighlyexibleandscalablesolutionthatenablesyouto

updateanyothehardwarecomponents

Weadvisemanagingthermwarelevelconsistentlyandollowingthehardwarevendor’srecommendationsto

avoidrunningintoanyinterdependencyissuesWealsorecommendthatwhenyouareacquiringnewhardware

youlookintothelevelointegrationandthemechanismsthatcanbeleveragedaroundmanagingyour

hardwareEspeciallyinconvergedsharedplatormsavailabilityandmanageabilityarekeytothesuccesso

yourITdepartment

SystemsManagementandBackup

SystemsmanagementandbackupproductsintegratewithVMwareESXiviathevSphereAPIswhichhavebeen

signicantlyenhancedinvSpherethroughagentlesspartnerintegrationTheAPI-basedpartnerintegration

modelsignicantlyreducesmanagementoverheadbyeliminatingtheneedtoinstallandmanageagentsin

theCOS

VMwarehasworkedextensivelywithourecosystemtotransitionallpartnerproductstotheAPI-based

integrationmodeloVMwareESXiAsaresultBMCCAHPIBMEMCNetIQQuestSotwareCommvault

VizioncoreDouble-TakeSotwareSteelEyeandSymantecareamongthemajorityosystemsmanagementand

backupvendorsintheVMwareecosystemthathaveproductsthatsupportVMwareESXitodayIyouareusing

anagent-basedpartnersolutiontointegratewithVMwareESXcheckwithyourvendortoseeianewerversion

otheproductsupportsVMwareESXi





VMwarealsoincludesbackupcapabilitywiththevSphereproductsuiteVMwareDataRecoveryisarobust

simple-to-deploybackupandrecoverysolutionthatbusinessesshouldconsidertoprovidetherstlineodata

protectionortheirvirtualenvironment

VMwareDataRecoveryenables

•Fullimagebackupovirtualmachines

•Fullandincrementalrecoveryovirtualmachinesplusrecoveryoindividuallesanddirectories

PatchingandUpdating

ThepatchingandupdatingoVMwareESXienablesexibilityandcontrolDuringthepatchingprocessonly

thespecicmodulesbeingupdatedarechangedTheadministratorcanpreserveanypreviousupdatestoother

componentsWhetherinstalledondiskorembeddedFlashmemoryVMwareESXiemploysa“dual-image”

approachwithboththecurrentandpriorversionpresentWhenapatchisinstalledthenewimageis

constructedandoverwritesthepriorimageThecurrentversionbecomesthepriorversionandthesystem

bootsothenewlywrittenimageIthereisaproblemwiththeimageoritheadministratorwishestorevert

totheprioronethehostissimplyrebootedotherecentgoodimage

Install Patch

Construct and Write New

Image to “Current Image”

Copy “Current Image” to

“Prior Image”

Figure 6. Workow or Installing Patches

VMwarevCenterUpdateManager(UpdateManager)isaVMwarevCenterplug-inpatch-managementsolution

orvSphereUpdateManagerenablescentralizedautomatedpatchandversionmanagementorvSphereIt

oerssupportorVMwareESXESXihostsvirtualmachinesandvirtualappliancesenablingadministratorsto

maketheirvirtualinrastructurecompliantwithbaselinestheydeneUpdatesthatusersspeciycanbeapplied

toguestoperatingsystemsaswellastoVMwareESXESXihostsvirtualmachinesandvirtualappliancesthat

canbescannedWithUpdateManageruserscanperormtheollowingtasks

•Scanorcomplianceandapplyupdatesorguestsappliancesandhosts

•DirectlyupgradehostsvirtualmachinehardwareVMwareToolsandvirtualappliances

•Installandupdatethird-partysotwareonhosts

UpdateManagerempowersuserstoapplyofinebundlepatchesThesearepatchesthataredownloadedmanuallyromaVMwareorthird-partyWebsitenothostedinanonlinedepotThisisespeciallyrelevantto

VMwareESXibecausemanyimportantcomponentssuchasthird-partydriverupdatesandCIMprovider

updatesareotendistributedonlyasofinebundles

AnalternativetoUpdateManageristhevCLIcommand“vihostupdate”Thiscommandappliessotwareupdates

toVMwareESXESXiimagesandinstallsandupdatesVMwareESXESXiextensionssuchasVMkernelmodules

driversandCIMprovidersUnlikeUpdateManager“vihostupdate”worksonlyonanindividualhostanddoes

notmonitororcompliancetobaselinesHowever“vihostupdate”doesnotrequireVMwarevCenterServerto

unctionTablegivesasummaryoVMwareESXipatchingandupdatingoptions





PATCHING AN D

UPDATING TOOL

WHEN TO USE

VMwarevCenter

UpdateManager

•UsewhenhostsaremanagedbyVMwarevCenterServerUpdateManageris

integratedwithVMwarevCenterandprovidesasinglepaneoglass

•Usewhenmonitoringorcomplianceagainstpatchingbaselinesisrequired

•UsewhencoordinationwithhostmaintenancemodeisneededorVMwareDRSto

perormanorderlyevacuationovirtualmachinesromexistinghosts

“vihostupdate” •Useorone-ohostupgrades

•UseinremotesituationinwhichVMwarevCenterServerisnotaccessible

•UsewhenVMwareESXESXihostsarenotmanagedbyVMwarevCenterServer

Table 2. Considerations or Patching and Update Tool

UserAuthentication

Althoughday-to-dayoperationsaredoneonVMwarevCenterthereareinstanceswhenusersmustworkwith

ESXidirectlysuchaswithcongurationbackupandlogleaccessTocontrolaccesstothehostyoucanhave

localusersonaVMwareESXisystemWithVMwareESXiyoucancongurethehosttojoinanActive

Directorydomainandanyusertryingtoaccessthehostwillautomaticallybeauthenticatedagainstthe

centralizeduserdirectoryYoucanalsohavelocalusersdenedandmanagedonahost-by-hostbasisand

conguredusingthevSphereclientvCLIorPowerCLIThissecondmethodcanbeusedinplaceoorin

additiontotheActiveDirectoryintegration

UserscanalsocreatelocalrolessimilartoVMwarevCenterroleswhichdenethingsthattheuserisauthorized

todoonthehostForinstanceausercanbegrantedread-onlyaccesswhichallowsthemonlytoviewhost

inormationOrtheycanbegrantedadministratoraccesswhichallowsthembothtoviewandtomodiyhost

congurationIthehostisintegratedwithActiveDirectorylocalrolescanalsobegrantedtoActiveDirectory

usersandgroupsForexampleanActiveDirectorygroupcanbecreatedtoincludeuserswhoshouldhavean

administratorroleonasubsetoVMwareESXiserversOnthoseserverstheadministratorrolecanbegranted

tothatActiveDirectorygroupForallotherserversthoseuserswouldnothaveanadministratorroleIyourADadministratorcreatesagroupwiththename“VMwareESXAdmins”VMwareESXiautomaticallygrants

administratoraccesstothisgroupenablingthecreationoaglobaladministratorsgroupThisoperationcanbe

overriddenonindividualVMwareESXihostsbyassigningthe“NoAccess”roletothegroup“ESXAdmins”

TheonlyuserdenedbydeaultonthesystemistherootuserTheinitialrootpasswordistypicallysetusing

thedirectconsoleuserinterace(DCUI)ItcanbechangedaterwardusingthevSphereclientvCLIorPowerCLI

TherootuserisdenedonlylocallyInotherwordstherootpasswordisnotmanagedbyActiveDirectory

ItispossibletoexcludetherootuseraccessbyenablingLockdownModeThisisaddressedinalatersection

othispaper

Logging

LoggingisimportantorbothtroubleshootingandcomplianceVMwareESXiexposeslogsromthehostagent

(hostd)VMwarevCenteragent(vpxa)andVMkernel(messages)byusingahostsyslogcapabilityUserscanconguresyslogtowritelogsontoaleonanydatastoreaccessibletotheVMwareESXihostInVMwareESXi

thesystemisautomaticallyconguredtowriteloglestothescratchpartitionothehostdependingonthe

typeodeviceusedorinstallationForinstallationstolocaldiskstheinstallerrequiresaminimumoGB

availablediskspacetoguaranteethattheGBscratchpartitioncanbecreatedForUSBSDorboot-rom-SAN

installationswerecommendusingasharedVMFSvolumeoGBintotalregardlessotheclustersize

MonitoringtheavailablediskspaceonthisvolumeusingtheVMwarevCenter–providedalarmunctionalityis

alsorecommendedUserscanalsoconguresyslogtoorwardlogmessagestoasyslogserverorenterprise

centrallogging





TheVMwareESXiloglestructureisdierentromthatoESXDuetotheactthatthereisnoserviceconsole

thereisalsononeedtohavethesamecollectionolesWithVMwareESXitheollowingloglesareused

PATH + LOG FILE DESCRIPTION

varlogmessages ThislogleincludestheVMkernelvmkwarningand

hostdlogs

varlogvmwarehostdlog Hostmanagementservice(hostd=Hostdaemon)log

varlogsysbootlog Systembootlog

var logvmwareaamvmware_hostname-xxxlog VMwareHAlogle

Table 3. Summary o Log Files

LoglesorcertaincapabilitiessuchasVMwareHAarenotmanagedthroughthesyslogacilityTheselogles

arestoredonlyonthelocalVMwareESXihost’sin-memorylesystemTheycanbedownloadedromthehost

byusingthevSphereclientoption“ExportDiagnosticData”

ItisabestpracticetoleveragethesyslogcapabilitiesthatESXioersUsingasyslogserverwillsimpliy

troubleshootingandensurethatloglesareaccessibleevenwhenaVMwareESXihosthasphysicallyailed

Manysyslogserversalsoenableeasiercorrelationbetweenevents

VMwareoersasyslogsolutionaspartothevSphereManagementAssistantwhichisdesignedprimarilyor

VMwareESXilogsOtheralternativesenableyoutodoadvancedeventcorrelationbetweenmanytypeso

devicesConguringthesyslogclientisstraightorwardandcanbedoneinsevensimplesteps

1. In the vSphere Client inventory, let-click the host.

2. Click the Confguration tab.

3. Click Advanced Settings under Sotware.

4. Select Syslog in the tree control.

5. In the Syslog.Remote.Hostname text box, enter the name o the remote host where syslog data will

be orwarded. I no value is specied, no data is orwarded.

6. In the Syslog.Remote.Port text box, enter the port on the remote host where syslog data will

be orwarded. By deault Syslog.Remote.Port is set to 514, the deault UDP port used by syslog.

Changes to Syslog.Remote.Port take eect only i Syslog.Remote.Hostname is congured.

7. Click OK.

AsecondcapabilitythatVMwareESXioersisspeciyingalocationorlocalloglesLocalreerstoanon-

syslogsolutionLocalloglesdon’tneedtobestoredonalocaldrivebutratheronanydatastoreItisabest

practiceorenvironmentswithoutasyslogservertospeciyaremoteVMFSdatastoretoensurethatlogles

willbeavailablewhenaVMwareESXihosthasphysicallyailedtoalloworarootcauseanalysisThiscanbe

conguredthroughthevSphereClientasollows

1. In the vSphere Client inventory, let-click the host.

2. Click the Confguration tab.

3. Click Advanced Settings under Sotware.

4. Select Syslog in the tree control.

5. In the Syslog.Local.DatastorePath text box, enter the datastore path to the le where syslog will log

messages. I no path is specied, the deault path is /var/log/messages. In addition, i pointing at a

datastore, ensure that the directory has been created previously.





Thedatastorepathormatisvmsvolumesdatastoreolderlename

NOTE: You might need to reboot the host or the changes to take efect.

Youcanalsoincludetheservernameinthe“older”name

Boththesyslogadvancedsettingandthelocaldatastorepathsettingcanbedoneduringascriptedinstallation

throughtheuseovim-cmdTheollowingcommandisanexampleohowtosetthelocaldatastorepathtoa

datastorenamed“vms”;itincludesavariablethatinsertsthehostnameintothepatch

vim-cmd hostsvc/advopt/update Syslog.Local.DatastorePath string “[vmfs01] /$(hostname -s)/

logles/messages”

KeepingtheVMwareESXihostinsyncwithanaccuratetimesourceisveryimportantorensuringlogaccuracy

anditisrequiredorcomplianceItisalsoimportantiyouareusingthehosttomaintainaccuratetimeonthe

guestvirtualmachinesHoweverVMwarerecommendssynchronizingvirtualmachineswithanNTPorwtm

serverasdescribedin VMwareknowledgebasearticle andVMwareknowledgebasearticle

VMwareESXihasbuilt-inNTPcapabilitiesorsynchronizingwithNTPtimeserverswhichcanbecongured

throughthevSphereClientorthroughtheshellasshownintheautomatedinstallationscript

VM VM VM

Enterprise

Syslog

Collection

VMwareManagement

Framework

Local Support Consoles

Datastore

VMkernel

CommonInformation

Model

Virtual MachineSupport and

ResourceManagement

InfrastructureAgents (NTP,

Sylog, etc.)

Enterprise

NTP TIme

Server

Figure 7. Logging in VMware ESXi

LocalShellAccess

TechSupportModeisasimpleshelloradvancedtechnicalsupportWhenremotecommand-linetoolsarenot

capableoaddressingaparticularissueTechSupportModeprovidesanalternativeSimilarlytohowtheCOSis

usedtoexecutediagnosticcommandsandxcertainlow-levelproblemsTechSupportModeenablesusersto

viewlogandcongurationlesaswellastoruncertaincongurationandutilitycommandstodiagnoseandx

problemsTechSupportModeisnotbasedonLinuxRatheritisalimited-capabilityshellcompiledespeciallyor

VMwareESXi

http://kb.vmware.com/kb/1006427








InVMwareESXiTechSupportModeisullysupportedorusebyendusersandisenhancedinseveralways

InadditiontobeingavailableonthelocalconsoleoahostitcanalsobeaccessedremotelythroughSSH

AccesstoTechSupportModeiscontrolledintheollowingways

•BothlocalandremoteTechSupportModecanbeenabledanddisabledseparatelyinboththeDCUIandvSphereClient

•TechSupportModecanbeusedbyanyauthorizedusernotjustrootusersUsersbecomeauthorizedwhen

theyaregrantedtheadministratorroleonahost(throughActiveDirectorymembershipinaprivilegedgroup

andthroughothermethods)

•AllcommandsissuedinTechSupportModeareloggedthroughsyslogprovidingaullaudittrailIasyslog

serverisconguredthisaudittrailisautomaticallyincludedintheremotelogging

•AtimeoutcanbeconguredorTechSupportMode(bothlocalandremote)sothataterbeingenableditwill

automaticallybedisabledatertheconguredtime

TechSupportModeisrecommendedoruseprimarilyorsupporttroubleshootingandbreak-xsituationsIt

alsocanbeusedaspartoascriptedinstallationasdescribedinaprevioussectionAllotherusesoTech

SupportModeincludingrunningcustomscriptsarenotrecommendedinmostcases

Diagnostics and TroubleshootingWithVMwareESXithereareavarietyooptionsordiagnosingproblemswiththeservercongurationor

operationaswellasorxingthemDierentmethodswillbeappropriatedependinguponthesituationThere

arealsoVMwareknowledgebasearticleswithinstructionsonvariousissues

TheDCUIisthemenu-driveninteraceavailableattheconsoleothephysicalserveronwhichVMwareESXiis

installedorembeddedItsmainpurposeistoperormtheinitialcongurationothehost(IPaddresshost

namerootpassword)anddiagnostics

TheDCUIhasseveraldiagnosticmenuitems

Restartallmanagementagentsincluding

•hostd

•vpxa

Resetcongurationsettingsorexample

•Fixamisconguredswitch

•Resetallcongurationstoactorydeaults

EnableTechSupportMode(shellaccess)including

•LocalTechSupportMode

•RemoteTechSupportMode(SSH-based)





UserscanalsopointanordinaryWebbrowsertothehostandviewlesincluding

•Logles

•Congurationles

•Virtualmachineles

AsanexamplewewilldemonstratehowtoviewtheloglesoanygivenvirtualmachineAuserwithan

administratorrolemustprovidecredentialstousethiseatureTheprocedureisasollows

1. Open a browser and enter the URL http://<vCenter hostname>, where <vCenter hostname> is the IP

or ully qualied domain name or the VMware vCenter Server.

2. Provide administrative credentials when prompted.

3. Click the Browse datastores in the VMware vCenter inventory link.

4. Navigate the Web pages until you reach the appropriate datacenter, datastore and older, as noted

in step 1.

5. Click the link to the appropriate log le, and open it with your preerred editor.

TechSupportModeprovidesanothermeansormoreadvancedtroubleshootingandsupportasmentioned

earlierSomenewcommandsaddedtoTechSupportModeinVMwareESXiinclude

•vscsiStatswhichprovidesdetailedinormationonSCSIperormance

•ncwhichisbasedonthestandardnetcatutility

•tcpdump-uwwhichisbasedonthestandardtcpdumputility

SomecommandsthatareusedintroubleshootingscenariosarelistedasollowsoryourconvenienceThisis

notacomprehensivelistRatherthesearejustaewothecapabilitiesthatVMwareESXiTechSupportMode

oers

•vmkping -s 9000 <ipaddress>

Thecommandvmkpingcanbeusedtodobasicnetworktroubleshootingbutitismoreotenusedtovalidate

theoperationojumboramesbyaddingthesizeothepacketasshowninourexample

• fdisk –l

ThisenlistsallpartitionsandincludesthetypeothepartitionwhereVMFSpartitionsarelabeledas“b”

•vim-cmd hostsvc/maintenance _ mode _ enter

Maintenancemodecanbeenteredromthecommandlinebyusingvim-cmd

•vim-cmd hostsvc/maintenance _ mode _ exit

Maintenancemodecanbeexitedusingthiscommand

•vim-cmd vmsvc/getallvms

•vim-cmd vmsvc/poweroff <vm id>

TherstcommandprovidesalistoallthevirtualmachinescurrentlyregisteredonthehostThesecond

commandenablesyoutopoweroavirtualmachine

• vdf –ph

Thiswillprovidetheutilizationothein-memorylesystem





ThesecommandsarejustexamplesowhatispossiblewithVMwareESXiTechSupportModeWerecommend

thatyouavoidenablingaccesstoESXiTechSupportModeunlessabsolutelyneededanddisablingaccessonce

itisnolongerneededIngeneraltroubleshootingworkowsaresimilartothosewithVMwareESXduetothe

eaturesetoTechSupportMode

TheextensiveVMwareknowledgebaseshouldalwaysbeyourrstresourceoranyproblemsthatareVMware

relatedForyourconveniencewehavelistedsomeothemostcommonissuesandmostaccessedVMware

knowledgebasearticlesorVMwareESXiasollows

1. Restart the management agents on a VMware ESXi host (1003490)

2. Determining why a single virtual machine is inaccessible (1018834)

3. Determining why a virtual machine was powered o or restarted (1019064)

4. Determining why multiple virtual machines are inaccessible (1019000)

5. Troubleshooting virtual machine network connection issues (1003893)

6. Interpreting virtual machine monitor and executable ailures (1019471)

7. Determining why a virtual machine does not respond to user interaction at the console (1017926)

8. Using Tech Support Mode in VMware ESXi 4.1 (1017910)

9. Determining why a VMware ESXi host is inaccessible (1019082)

10.Determining why a VMware ESXi host was powered o or restarted (1019238)

11.Determining why a VMware ESXi host does not respond to user interaction (1017135)

12.Enabling serial-line logging or a VMware ESXi host (1003900)

13.Using perormance collection tools to gather data or ault analysis (1006797)

14.Using hardware NMI acilities to troubleshoot unresponsive hosts (1014767)

15.Interpreting a VMware ESXi host purple diagnostic screen (1004250)

16.Troubleshooting VMware High Availability (VMware HA) (1001596)





































Local Access and Lockdown ModeVMwareESXiprovidestheabilitytoullycontrolalldirectaccesstothehostviaVMwarevCenterServer

OnceahosthasbeenjoinedtoVMwarevCenterServereverydirectcommunicationinteracewiththehostiscongurableasanindependentserviceinthecongurationtaborthehostinvSphereClientincluding

• DCUI

• Local Tech Support Mode

• Remote Tech Support Mode

Eachothesecanbeturnedonandoindividually

Figure 8. Local Access Services

AccessbasedonthevSphereAPI—orexamplethevSphereClientPowerCLIvCLIandsoon—isnormally

governedbygrantinglocalprivilegestospecicusersTherootuseristheonlyonethathasapermanent

administratorroleonthehostAllotherusersmustbeexplicitlygrantedalocalroleonthehostinorderto

accessit

Therearecasesinwhichyouwouldnotwantanyonetoaccessthehostdirectlyatallinsteadmanagingit

exclusivelythroughVMwarevCenterServerLockdownModeisaeaturedesignedtoprovidethiscapability

WhenLockdownModeisenabledonthehostalldirectremoteaccesstothehostisblockedincluding

•AnyvSphereAPIclient

•LocalTechSupportMode•RemoteTechSupportMode

EveniTechSupportModeisenabledLockdownModeeectivelyoverridesthisbypreventinganyconnection

romsucceedingTheonlywaytomanagethehostremotelyisthroughVMwarevCenterServerTheinteraction

betweenthehostandVMwarevCenterServeroccursthroughaspecial-purposeaccountcalled“vpxuser”;all

otherordinaryuseraccountsincludingrootcannolongerconnectremotely





ForthespecialcaseohardwaremonitoringthroughtheCIMinteracemonitoringsotwaremustobtainthis

hardwareinormationdirectlyromthehostTodothisthemonitoringsotwaremustbeprogrammedtoobtain

aspecialauthenticationticketromVMwarevCenterServerThisticketallowsthesotwaretoobtainthe

inormationromthehostthroughtheVMwarevCenterServer“vpxuser”accountonaone-timebasis

WithLockdownModeenabledtheonlydirectaccesstothehostthatremainsopenisthroughtheDCUIThis

providesawaytoperormlimitedadministrativetasksoutsideoVMwarevCenterServerTheDCUIcanalso

turnoLockdownModedisablingitwithoutgoingthroughVMwarevCenterServerThismightbeuseuli

VMwarevCenterServerisdownorotherwiseunavailableandyouwishtoreverttodirectmanagementothe

hostTologintotheDCUIinLockdownModehowevertherootpasswordisrequiredNootherusercanlogin

evenitheyhavebeengrantedanadministratorrole

IntheextremecasedisablingoalldirectaccesstothehostmightbedesiredForexampleyoumightwantto

preventanyonewiththerootpasswordromdisablingLockdownModeandmanagingthehostInthiscaseyou

cantaketheadditionalstepodisablingtheDCUIorthehostthroughVMwarevCenterServerAterthisis

donenodirectinteractionwiththehostlocalorremoteispossibleItcanbemanagedonlythroughVMware

vCenterServerIVMwarevCenterServerisdownorotherwiseunavailableyoucannotreverttodirect

managementbecauseloggingintotheDCUIisnolongerpossibleItheVMwarevCenterServercannotbe

restoredtheonlywaytoreverttodirectmanagementistoreinstalltheVMwareESXisotwareonthehost

LockdownModeisnotpermanentItcanbedisabledoranyindividualVMwareESXihostatanytime(provided

thatVMwarevCenterServerisrunningandabletoconnecttothathost)TherecommendationisthatLockdown

Modebeusedinordinaryday-to-dayoperationsbutthatitbedisabledorahostitheneedarisestointeract

withitdirectlyForexampleiatroubleshootingsituationisencounteredandthetoolsprovidedbyVMware

vCenterServerarenotsucientLockdownModeshouldbedisabledandmoreextensivediagnosticsshouldbe

perormedusingTechSupportModeorexample

TablepresentsasummaryoLockdownModeanditsinteractionwiththevarioushostaccessservices

ACCESS MODE NORMAL LOCKDOWN LOCKDOWN +

DCUI DISABLED

vSphereAPI(eg

vSphereClient

PowerCLIvCLI

andsoon)

Anyuserbasedon

localrolesprivileges

None(exceptVMware

vCenter“vpxuser”)

None(exceptVMware

vCenter“vpxuser”)

CIM Anyuserbasedon

localrolesprivileges

None(exceptvia

VMwarevCenterticket)

None(exceptvia

VMwarevCenterticket)

DCUI Rootanduserswith

administratorprivileges

Rootonly None

TechSupportMode

(local)

Rootanduserswith


None None

TechSupportMode

(remote)

Rootanduserswith


None None

Table 4. Summary o Lockdown Mode Efect on Local Access





SummaryTheollowingtableprovidesasummaryothetaskstraditionallyperormedintheserviceconsoleoVMware

ESXandtheunctionalequivalentsorVMwareESXi

TASK VMWARE ESX VMWARE ESXi

AccesslocallesVMFS

lescongurationles

logles

Consolecommandstobrowse

datastoresandvirtualmachineles

•Remotecommand-lineinterace

commandstolistandretrievesles

•vSphereclientdatastorebrowseror

VMFSlesdownloadsanduploads

les

Manipulatevirtual

machineles(or

examplemodiyvmx)

•Advancedcongurationdoneinthe

vSphereclient

•Consolecommandstomodiyvirtual

machineles

•Advancedcongurationdonein

vSphereClient


commandstolistandretrieves

virtualmachineles

Backup •Virtualmachinebackupagentsin

serviceconsoleVMwareData

Recoveryorthird-partybackup

products

•VMwareESXbackupusesagentsin

theserviceconsolecreatesarchive

oserviceconsolelesorperormsa

scriptedreinstall

•VirtualmachinebackupVMware

DataRecoveryorthird-partybackup

products

•VMwareESXibackupsinglesmall

backuplecreatedviavCLI

command“vicg-cgbackup”

Hardwaremonitoring •Agentsinserviceconsole

•SNMP

•CIM-basedframework

•SNMP

Patchingandupdating •UpdateManager

•RPM-basedthird-partytools

•UpdateManager

•vCLIcommand“vihostupdate”

Automated

deployment

RedHatKickstart •VMwareESXiscriptedinstallation

(analogoustoRedHatKickstart)

Troubleshootingor

support

Localesxcg-*commands •Remotecommand-lineinterace

commands

•TechSupportMode

Advanced

conguration

Editscongurationles(orexample

hostdcon)directly


commandstolistandretrieves

VMwareESXicongurationles

•EditslesinTechSupportMode

directly

Logging Remotesysloginserviceconsole Built-inremotesyslogclient

Perormance

monitoring

•vSphereclient

•“esxtop”inserviceconsole

•vSphereclient

•vCLIcommand“resxtop”

•“esxtop”inTechSupportMode

Reportingandauditing •Serviceconsolescripts

•Logles


commandstolistandretrieveslog

lescongurationandsettings

•vSphereClientoptiontoexport

diagnosticdata

Table 5. Comparison o Management Capabilities in VMware ESX and VMware ESXi




VMware ESXi EditionsVMwareESXiarchitectureisoeredasapartoallvSphereproducteditionswitheachsuccessiveedition

oeringgreaterunctionalityAttheentrylevelVMwareoersthevSphereHypervisorwhichisareevirtualizationproductCertainVMwareESXieaturesarelimitedinthiseditionasoutlinedinTableAllother

paideditionsovSpherelittheseeaturerestrictionsHowevereventhoughthehost-leveleaturesarenot

limitedinallpaideditionsmanyadvancedeaturessuchasVMwareDRSandVMwareHAarestillonlyavailable

inhigher-licenseversions

FEATURE vSPHERE HYPERVISOR VMWARE ESXi ENTERPRISE

SNMPmonitoring Notsupported Fullunctionality

VMwareConsolidatedBackup

(VCB)andVMwareData

Recovery(vDR)tool

Notavailable Bothapplicationsareavailable

vCLI Limitedtoread-onlyaccess Fullunctionality

PowerCLIandvSphereSDKor

Perl

Limitedtoread-onlyaccess Fullunctionality

Table 6. Comparison o VMware ESXi Editions

AnadministratorwhohasdeployedvSphereHypervisorcanenjoythebenetsovirtualizationwithVMware

ESXiwithintheeaturelimitsHoweverthedeploymentcanbeupgradedtoamoreullyeaturedversiono

vSphereatanytimewithouthavingtouninstallorreinstalltheVMwareESXisotwareTheadditionalcapabilities

areactivatedsimplywhentheproperlicensekeyisprovidedeitherinthehostcongurationorinVMware

vCenterServer

References•VMware ESXi Confguration Guide

httpwwwvmwarecompdvspherervsp__esxi_server_congpd

•VMware ESXi Installable and vCenter Server Setup Guide:

httpwwwvmwarecompdvspherervsp__esxi_i_vc_setup_guidepd

•VMware vSphere Command-Line Interace Installation and Scripting Guide

httpwwwvmwarecomsupportdevelopervcli

•VMware vSphere Command-Line Interace Reerence

httpwwwvmwarecomsupportdevelopervcli

•VMware ESXi Upgrade Center

httpwwwvmwarecomgoUpgradeToESXi

•

VMware ESXi Chronicles Blog

httpblogsvmwarecomesxi

•William Lam’s VMware Scripts and Resources

httpwwwvirtuallyghettocom

VM I 3401 Hill i A P l Alt CA 94304 USA T l 877 486 9273 F 650 427 5001

http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_server_config.pdf

http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_i_vc_setup_guide.pdf

http://www.vmware.com/support/developer/vcli/


http://www.vmware.com/go/UpgradeToESXi

http://blogs.vmware.com/esxi/

http://www.virtuallyghetto.com/

http://www.virtuallyghetto.com/

http://blogs.vmware.com/esxi/

http://www.vmware.com/go/UpgradeToESXi



http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_i_vc_setup_guide.pdf

http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_server_config.pdf

VMware ESXi 41 Operations Guide TWP

Documents

Transcript of VMware ESXi 41 Operations Guide TWP